From 875acb1dd1935b3def7865d448371b5462d32a97 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Fri, 19 Jun 2015 18:45:02 +0200
Subject: [PATCH] library/roles/fail2ban: eliminate the dependency from the
 iptables role. Install the iptables package.

---
 fail2ban/defaults/main.yml  |  3 +++
 fail2ban/tasks/fail2ban.yml | 13 ++++++-------
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/fail2ban/defaults/main.yml b/fail2ban/defaults/main.yml
index 7b4c85d9..655a7fe0 100644
--- a/fail2ban/defaults/main.yml
+++ b/fail2ban/defaults/main.yml
@@ -31,3 +31,6 @@ f2b_recidive_findtime: 604800
 # 14515200 24 weeks
 f2b_recidive_ban_time: 14515200
 
+f2b_packages:
+  - fail2ban
+  - iptables
diff --git a/fail2ban/tasks/fail2ban.yml b/fail2ban/tasks/fail2ban.yml
index 7f485499..f529b141 100644
--- a/fail2ban/tasks/fail2ban.yml
+++ b/fail2ban/tasks/fail2ban.yml
@@ -1,14 +1,13 @@
 ---
-- name: install fail2ban ubuntu >= 14.04
+- name: install fail2ban on ubuntu >= 14.04 and debian >= 8
   apt: pkg={{ item }} state=installed
-  with_items:
-    - fail2ban
-  tags:
-    - fail2ban
+  with_items: f2b_packages
+  tags: fail2ban
 
 - name: Install the fail2ban custom jail file
   template: src=jail.local.j2 dest=/etc/fail2ban/jail.local owner=root group=root mode=444
   notify: Restart fail2ban
-  tags:
-    - fail2ban
+  tags: fail2ban
 
+- name: Ensure that fail2ban is enabled and running
+  service: name=fail2ban state=started enabled=yes